Manage roles
Imply Lumi uses role-based access control (RBAC) to secure resources within Imply Lumi. With RBAC, you group users into roles based on common access needs. Each role contains one or more permissions, which define the resources users can access and the actions they can perform. This strategy enables you to restrict user capabilities so that users can only access the resources necessary for their specific tasks.
Prerequisites
To assign and manage roles, you need either the Admin or Manager role.
Predefined roles
Imply Lumi includes predefined roles that you can assign to users. These roles simplify administration and access management and align with common functions.
Predefined roles enforce the principle of least privilege (PoLP) to ensure that users only have access to the resources and operations necessary to perform their tasks.
You can't modify predefined roles.
To view the predefined roles and their permissions, click Roles in the navigation menu. Click a role to view the users assigned to that role.
The following table lists the predefined roles and their permissions. For details about each permission, see Permissions.
| Role | Description | Permissions |
|---|---|---|
| Admin | Has full control over IAM keys, roles, users, and billing. Can add and search events. Has full visibility into the Imply Lumi user interface. | AddEvents,AdministerBilling, AdministerIAMKeys, AdministerRoles, AdministerUsers, ManageIAMKeys, ReadEvents, ReadRoles, ReadUsers |
| Manager | Has full control over roles and users. Can create and manage only the IAM keys personally created. Can add and search events. | AddEvents, AdministerIAMKeys,AdministerRoles, AdministerUsers, ManageIAMKeys, ReadEvents, ReadRoles, ReadUsers |
| Data manager | Can add and search events. Has limited access to the Imply Lumi interface. | AddEvents, ReadEvents |
| Viewer | Can search events. Can access the Explorer page. | ReadEvents |
Assign roles
To assign roles, follow these steps:
- Click Users in the navigation menu.
- Locate the user whose roles you want to manage.
- Click the ellipsis and select Assign roles to display the Select roles dialog.
- Use the checkboxes to select the desired roles for the user, then click Save.
You can also assign and manage roles from the user details page.
Learn more
See the following topics for more information:
- Glossary for definitions of Imply Lumi terms.
- Permissions for information on permissions.